A long journey in Silicon Valley

Cloud Computing and the Morning After

I just read a very interesting op-ed about the opportunities and hazards of cloud computing and it resonated with me on several levels.

Some are in plain view. If you entrust your data to others, they can let you down or outright betray you. For example, if your favorite music is rented or authorized from an online subscription service rather than freely in your custody as a compact disc or an MP3 file on your hard drive, you can lose your music if you fall behind on your payments — or if the vendor goes bankrupt or loses interest in the service. Last week Amazon apparently conveyed a publisher’s change-of-heart to owners of its Kindle e-book reader: some purchasers of Orwell’s “1984” found it removed from their devices, with nothing to show for their purchase other than a refund. (Orwell would be amused.)

Worse, data stored online has less privacy protection both in practice and under the law. A hacker recently guessed the password to the personal e-mail account of a Twitter employee, and was thus able to extract the employee’s Google password. That in turn compromised a trove of Twitter’s corporate documents stored too conveniently in the cloud. Before, the bad guys usually needed to get their hands on people’s computers to see their secrets; in today’s cloud all you need is a password.

Thanks in part to the Patriot Act, the federal government has been able to demand some details of your online activities from service providers — and not to tell you about it. There have been thousands of such requests lodged since the law was passed, and the F.B.I.’s own audits have shown that there can be plenty of overreach — perhaps wholly inadvertent — in requests like these.

In recent weeks we have seen the downside of relying on third party hosted application services and having devices tethered to a remote service provider, but these recent incidents are really nothing new. Apple has over the years faced some pretty intense criticism for the control they exert over iTunes and the lengths to which they will go to restrict access by third parties, whether it be the restrictive DRM on iTunes content or their continued skirmishes with iPhone jailbreakers.

The recent case of Amazon deleting books their customers purchased that they were not authorized to sell is particularly egregious and despite their mea culpa and promise to never do it again, consumers are right to be concerned about intrusions onto their personal property by remote service providers. It is something I am increasingly concerned about, not because of bad intentions but simply because this new frontier is increasingly hostile to something that forms the very foundation of the American way of life, property rights.

Imagine the consequences if Best Buy broke into your home to search for pirated DVDs that you were playing on a device you purchased from them, these consequences would be criminal and beyond debate. Now imagine what would happen if Amazon deleted ebooks that were not authorized for digital distribution and hacked onto a Kindle (because you can’t get Kindle content legitimately anywhere but Amazon, indeed their DRM scheme is proprietary) or Apple deleted songs that were not downloaded from iTunes or Google cancelled your Gmail account because of a terms of service violation and didn’t give you your email? What would happen… bubkus because the only consequence would be public outcry and some bad PR.

Meanwhile, the Federal government wants to be a repository for my personal medical records, while also aspiring to be my insurance providers, several states are considering a vehicle tax tied to actual mileage that would be recorded through an in-vehicle transmitter, California is pushing to mandate pay-as-you-go insurance and registration fees which would again rely on forced transmitting of miles driven, and utilities are mandating smart-grid meters for electricity and gas usage that monitor in real time what you are consuming.

All of this is more than a little unsettling and while we are seeing tremendous innovations I can’t help but feel that we are getting ahead of our ability to adjust our regulatory and law enforcement framework to deal with the universal issue of my data, who can see it, and under what protocols. The privacy pendulum has in recent years swung wide in one direction as consumers increasingly express little concern about companies having our data and accessing our devices, the question remains whether that pendulum will swing back violently in the other direction or simply adjust periodically.